Bug 930853 - net-p2p/kubo: potential vulnerability?
Summary: net-p2p/kubo: potential vulnerability?
Status: CONFIRMED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
Reported: 2024-04-29 02:33 UTC by Michał Górny
Modified: 2024-04-29 18:30 UTC
Description Michał Górny 2024-04-29 02:33:57 UTC
From https://bugs.gentoo.org/930831#c9:

"""
Nitpick: net-p2p/kubo (f.k.a. ipfs) does basically the same thing - it downloads a "database migration" blob to /tmp/ and attempts to run it from there, which of course fails on a properly configured distro with tmp mounted noexec for security.
"""

Could someone investigate this?
Comment 1 David Roman 2024-04-29 08:41:07 UTC
Whenever I can, I will set up a proper system to test it, but grepping the source code only seems to show references to /tmp for running tests.
Comment 2 David Roman 2024-04-29 18:29:41 UTC
I was in a rush before. I can confirm that the migration code downloads code into /tmp and tries to execute it: 

> Fetching with HTTP: "https://trustless-gateway.link/ipfs/QmZPedUiZNe6Gq9oDvoizuuCMVoeb7shwq9xKhysq7exMo/fs-repo-13-to-14/v1.0.0/fs-repo-13-to-14_v1.0.0_linux-amd64.tar.gz"
> Downloaded and unpacked migration: /tmp/migrations788496017/fs-repo-13-to-14 (v1.0.0)
> Running migration fs-repo-12-to-13 ...
>  => Running: /tmp/migrations788496017/fs-repo-12-to-13 -path=/root/.ipfs -verbose=true
> The migrations of fs-repo failed:
>  migration fs-repo-12-to-13 failed: fork/exec /tmp/migrations788496017/fs-repo-12-to-13: permission denied
> If you think this is a bug, please file an issue and include this whole log output.
>  https://github.com/ipfs/fs-repo-migrations
> Error: migration fs-repo-12-to-13 failed: fork/exec /tmp/migrations788496017/fs-repo-12-to-13: permission denied

There is a relevant issue already opened: https://github.com/ipfs/fs-repo-migrations/issues/148 
As I understand it we should package the migration programs also, somehow.
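As an added illustration of the failure mode in the log above (this is example code, not kubo's or fs-repo-migrations' own), a Go check that reads the mount table and reports whether a download directory sits on a noexec mount before anything is executed from it. The /proc/self/mountinfo content below is a constructed sample, not taken from the reporter's system.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// Constructed sample of /proc/self/mountinfo (field order: id parent
// major:minor root mountpoint options ... - fstype source superopts).
const sampleMountInfo = `22 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw
36 22 0:30 / /tmp rw,nosuid,nodev,noexec,relatime - tmpfs tmpfs rw
40 22 8:2 / /var/tmp rw,relatime - ext4 /dev/sda2 rw
`

// mountFor returns the mount point containing path and that mount's
// per-mount options; the longest matching mount point wins.
func mountFor(mountInfo, path string) (mountPoint string, opts []string) {
	target := filepath.Clean(path)
	for _, line := range strings.Split(mountInfo, "\n") {
		fields := strings.Fields(line)
		if len(fields) < 6 {
			continue // blank or malformed line
		}
		mp := fields[4]
		if mp == target || mp == "/" || strings.HasPrefix(target, mp+"/") {
			if len(mp) > len(mountPoint) {
				mountPoint = mp
				opts = strings.Split(fields[5], ",")
			}
		}
	}
	return mountPoint, opts
}

// IsNoExec reports whether path lives on a mount carrying the noexec
// option, i.e. whether fork/exec of a file placed there would fail with
// "permission denied" as in the migration log.
func IsNoExec(mountInfo, path string) bool {
	_, opts := mountFor(mountInfo, path)
	for _, o := range opts {
		if o == "noexec" {
			return true
		}
	}
	return false
}

func main() {
	for _, dir := range []string{"/tmp/migrations788496017", "/var/tmp", "/root/.ipfs"} {
		fmt.Printf("%-26s noexec=%v\n", dir, IsNoExec(sampleMountInfo, dir))
	}
}
```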